On May 10, 2018, the Eleventh Circuit Court of Appeals affirmed a Northern District of Georgia decision barring coverage for a loss claimed to arise under a “Computer Fraud” policy issued by Great American Insurance Company to Interactive Communications International, Inc. and HI Technology Corp. Interactive Commc’ns Int’l, Inc. v. Great Am. Ins. Co., No. 17-11712, 2018 WL 2149769 (11th Cir. May 10, 2018). InComm sells “chits,” each of which has a specific monetary value to consumers who can redeem them by transferring that value to their debit card. To redeem a chit, a consumer dials a specific 1-800 number and goes through a computerized interactive voice system. InComm lost $11.4 million when fraudsters manipulated a glitch in the system by placing multiple calls at the same time. This allowed consumers to redeem chits more than once. InComm sought coverage for these losses under its “Computer Fraud” policy.
In a recent brief filed in the Sixth Circuit, American Tooling Center, Inc. argued that the appellate court should reverse the district court’s decision finding no insurance coverage for $800,000 that American Tooling lost after a fraudster’s email tricked an employee into wiring that amount to the fraudster. As we previously reported here, the district court found the insurance policy did not apply because it concluded that American Tooling did not suffer a “direct loss” that was “directly caused by computer fraud,” as required for coverage under the policy. The district count pointed to “intervening events” like the verification of production milestones, authorization of the transfers, and initiating the transfers without verifying the bank account information and found that those events precluded a “finding of ‘direct’ loss ‘directly caused’ by the use of any computer.”
Highlighting the continued problems faced by policyholders in obtaining coverage for “computer fraud,” a Michigan district court recently held that a manufacturer could not recover $800,000 in funds lost after an employee mistakenly wired payment for legitimate vendor invoices into a fraudster’s bank account after receiving a spoofed e-mail requesting payment. In American Tooling Center, Inc. v. Travelers Casualty and Surety Company of America, No. 16-12108 (E.D. Mich. Aug. 1, 2017), the district court applied state law favoring a narrow interpretation of the crime policy’s computer fraud provision to hold that the policyholder had not suffered a “direct” loss that was “directly caused” by the use of any computer.
On November 4, Michael Levine and Matthew McLellan provided commentary for Westlaw about the Fifth Circuit’s recent decision in Apache Corp. v. Great American Insurance Co., No. 15-20499, 2016 WL 6090901 (5th Cir. Oct. 18, 2016), on which Michael Levine had previously written a blog post. In the Westlaw Journal: Computer and Internet, Mike and Matt discussed a frustrating gap in coverage for “computer fraud” that may be found in some crime policies. They encourage policyholders to review their legacy and cyber policies to ensure that complex cyber risks are actually covered. Read their commentary and the associated article here
In a seemingly illogical decision, the Fifth Circuit Court of Appeals ruled in Apache Corp. v. Great American Ins. Co., No 15-20499 (5th Cir. Oct. 18, 2016), that loss resulting from a fraudulent e-mail did not trigger coverage under a crime policy’s “computer fraud” coverage because the loss was not the “direct result” of computer use.